Crash Course of Elasticsearch in 10 mins
What is Elasticsearch?
Elasticsearch is a fast, horizontally scalable, open source search engine. It provides an HTTP API for storing and indexing JSON documents, and with the default configuration it behaves a little like a searchable NoSQL database.
Installation – RHEL/Centos
Check the node’s health status:
$ curl 127.0.0.1:9200/_cat/health?v
Get the list of current indices:
$ curl 127.0.0.1:9200/_cat/indices?v
Understanding Elasticsearch Keywords and Terminology
CRUD Operations (Create, Read, Update, Delete) Using the Elasticsearch RESTful API
[code]
Create – Adding a new document to Elasticsearch is as easy as an HTTP POST request:
$ curl -X POST 127.0.0.1:9200/monitor/logs?pretty -d '{
  "kind": "info",
  "message": "The server is up and running"
}'
#{
#  "_index" : "monitor",
#  "_type" : "logs",
#  "_id" : "AVoWblBE6fU5oFCNC7jY",
#  "_version" : 1,
#  "result" : "created",
#  "_shards" : {
#    "total" : 2,
#    "successful" : 1,
#    "failed" : 0
#  },
#  "created" : true
#}
As not many people would actually enjoy inserting documents one by one, there’s also a bulk insert option.
$ curl -X POST 127.0.0.1:9200/monitor/logs/_bulk -d '
{ "index": {}}
{ "kind" : "warn", "message": "Using 90% of memory" }
{ "index": {}}
{ "kind": "err", "message": "OutOfMemoryException: Epic fail has just happened" }
'
Read – When we have something in the index, we can perform a simple search to read the documents back.
$ curl 127.0.0.1:9200/monitor/_search?pretty
#{
#  ………
#  "hits" : {
#    "total" : 3,
#    "max_score" : 1.0,
#    "hits" : [
#      {
#        "_index" : "monitor",
#        "_type" : "logs",
#        "_id" : "AVoWe_7d6fU5oFCNC7jb",
#        "_score" : 1.0,
#        "_source" : {
#          "kind" : "err",
#          "message" : "OutOfMemoryException: Epic fail has just happened"
#        }
#      },
#      {
#        "_index" : "monitor",
#        "_type" : "logs",
#        "_id" : "AVoWe_7d6fU5oFCNC7ja",
#        "_score" : 1.0,
#        "_source" : {
#          "kind" : "warn",
#          "message" : "Using 90% of memory"
#        }
#      },
#      {
#        "_index" : "monitor",
#        "_type" : "logs",
#        "_id" : "AVoWblBE6fU5oFCNC7jY",
#        "_score" : 1.0,
#        "_source" : {
#          "kind" : "info",
#          "message" : "The server is up and running"
#        }
#      }
#    ]
#  }
#}
It’s also possible to get a single document by its ID:
$ curl 127.0.0.1:9200/monitor/logs/AVoWblBE6fU5oFCNC7jY?pretty
#{
#  …
#  "_source" : {
#    "kind" : "info",
#    "message" : "The server is up and running"
#  }
#}
Update – Similarly, knowing the document ID, we can update it.
$ curl -X POST 127.0.0.1:9200/monitor/logs/AVoWe_7d6fU5oFCNC7jb -d '
{ "kind": "err",
  "message": "OutOfMemoryException: The server process used all available memory"
}'
Delete – When you need to get rid of something, HTTP DELETE will do the trick. E.g.
$ curl -X DELETE 127.0.0.1:9200/monitor/logs/AVoWe_7d6fU5oFCNC7jb
Search – The real power of Elasticsearch is in search (duh). There are two approaches to searching for data: the REST Request API for simple queries and the more sophisticated Query DSL.
$ curl -s 127.0.0.1:9200/monitor/_search?q=memory | json_pp
$ curl -s 127.0.0.1:9200/monitor/_search -d ‘
[/code]
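The bulk insert shown above, as an added example that is not part of the original post: the request body is built with a JSON serializer rather than by hand, and the response is checked item by item, because a bulk request can succeed as a whole while individual log documents are rejected. The helper names, the sample documents and the sample response are constructed for illustration.

```python
import json


def build_bulk_body(docs):
    """Serialize docs into the newline-delimited body that _bulk expects.

    json.dumps escapes line breaks inside string values, so a message that
    contains one cannot add an extra action line to the request.
    """
    lines = []
    for doc in docs:
        lines.append(json.dumps({"index": {}}))  # action line
        lines.append(json.dumps(doc))            # source line
    return "\n".join(lines) + "\n"               # body must end with a newline


def failed_items(bulk_response_text):
    """Return (position, status, reason) for each item the node rejected.

    The request as a whole can succeed while single items fail, so check
    the top-level "errors" flag and every item's own "status".
    """
    resp = json.loads(bulk_response_text)
    if not resp.get("errors"):
        return []
    failures = []
    for pos, item in enumerate(resp.get("items", [])):
        result = next(iter(item.values()))  # keyed by the action name, e.g. "index"
        status = result.get("status", 0)
        if status >= 300:
            err = result.get("error")
            reason = err.get("reason", "unknown") if isinstance(err, dict) else str(err)
            failures.append((pos, status, reason))
    return failures


# Constructed sample input: the second message embeds a line break and a fake action line.
SAMPLE_DOCS = [
    {"kind": "warn", "message": "Using 90% of memory"},
    {"kind": "err", "message": 'login failed\n{"index": {}}'},
]
# Constructed sample response: first item stored, second rejected.
SAMPLE_RESPONSE = json.dumps({"took": 5, "errors": True, "items": [
    {"index": {"_index": "monitor", "_type": "logs", "status": 201, "result": "created"}},
    {"index": {"_index": "monitor", "_type": "logs", "status": 400,
               "error": {"type": "mapper_parsing_exception", "reason": "failed to parse"}}},
]})

if __name__ == "__main__":
    print(build_bulk_body(SAMPLE_DOCS), end="")
    print(failed_items(SAMPLE_RESPONSE))
```

The body returned by `build_bulk_body` can be saved to a file and sent with `curl --data-binary @file`, which preserves the line breaks the bulk format depends on.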